please help me fix my sister's computer

**becausewesayso** · 27.06.2009, 05:46

Dear friends, While visiting my sister, she asked me to take a look at her computer that's been running slow.

Yikes!! What a mess of virus's. I tried some online scanners but keep getting different answers. So as always I'm turning to you guys ( my secret weapon). l hope the log files are as requested. Any advice or cures would be appreciated. Please help make me a hero, guys.

Thank you in advance. Judi Mattes. P.S. something called windows installer is trying to install itself. Also eztracks. I noticed sp3 waiting in the wings but didn't install it yet untill i speak with you. thanks.

**Rene-gad** · 27.06.2009, 11:11

Сообщение от becausewesayso

:I noticed sp3 waiting in the wings but didn't install it yet untill i speak with you.

SP3 must be installed. And it's not all: just after issuing of SP3 a couple of patches were published. They must be installed too

Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore

-Fix with Hijackthis

Код:

O4 - HKLM\..\Run: [requester] "C:\WINDOWS\system32\requester.11.exe"

- Execute following script

Код:

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
 QuarantineFile('C:\WINDOWS\system32\requester.11.exe','');
 DeleteFile('C:\WINDOWS\system32\requester.11.exe');
BC_ImportAll;
ExecuteSysClean;
SetAVZPMStatus(True);
BC_Activate;
RebootWindows(true);
end.

After reboot execute following script

Код:

begin
CreateQurantineArchive('C:\quarantine.zip');
end.

- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
- Close all the programs and start only Internet Explorer!!!
- Repeat 3 log files.
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Upload the C:\quarantine.zip over the link Upload quarantined files on the top of this page.
- Attach 3 logs to your new post..

**becausewesayso** · 27.06.2009, 14:51

trying to install itself when I open a new window and will not delete, only cancel after repeated mouse clicks. What a pain!! Says it's searching for an msi. installer pkg. Also, seperately on last reboot,something tried to install unknown hardware too, but I haven't installed any new hardware. weird? installed sp3, IE8, all updates per Mocrosoft's update web page.Downloaded, installed, and ran ccleaner. Executed scripts, uploaded quarantined files, and log files attached. thanks in advance. you guys are the best.

**Rene-gad** · 27.06.2009, 20:24

- Execute following script

Код:

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
 DelBHO('{3023AF97-870E-476A-B30E-3923DF2B84BD}');
 RegKeyDel('HKLM','SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9F1C11AA-197B-4942-BA54-47A8489BB47F}');
 RegKeyDel('HKLM','SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}');
 RegKeyDel('HKLM','SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D}');
 RegKeyDel('HKLM','SOFTWARE\Microsoft\Code Store Database\Distribution Units\{41F17733-B041-4099-A042-B518BB6A408C}');
 RegKeyDel('HKLM','SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33564D57-9980-0010-8000-00AA00389B71}');
 RegKeyDel('HKLM','SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}');
 RegKeyDel('HKLM','SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0335A685-ED24-4F7B-A08E-3BD15D84E668}');
 DeleteFile('C:\PROGRA~1\MYWEBS~1\bar\8.bin\M3PLUGIN.DLL');
 DeleteFile('C:\Program Files\EZTRACKS\eztracks_ieplug.dll');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.

After reboot
- Repeat 3 log files.

**becausewesayso** · 27.06.2009, 21:57

i managed to get rid of eztracks before i took my nap. I saw you had it in this last script. Maybe between the two of us it's finally gone!

i ran the scans as requested. They took no time at all. Boy have you done it again, I'm feeling my hero status coming on strong now.

This is soooooo cool. Rene, YOU ROCK!!

**Rene-gad** · 27.06.2009, 22:06

I found nothing suspicious in your logs.
Pls. install the last version of Adobe Reader (9.2) or uninstall it completely.
Pls. check, if all Windows-Updates are installed (www.windowsupdate.com).

**becausewesayso** · 28.06.2009, 02:06

Thanks I'll get right on it I'll let you know.

**becausewesayso** · 29.06.2009, 02:02

Thank you so much Rene!!Now We are truly my sister's heroes.

I took the time to blow the dust bunnies out. Seems like it's humming now. Thanks again!! 'till next time, Cheers!

J Mattes

please help me fix my sister's computer

Опции темы

please help me fix my sister's computer

eztracks keeps trying to install with every mouse click

eztracks gone!!

My Sister's Hero

Похожие темы

restore sistem does not works,I have some adds trying me to buy them a antivirus to fix my computer, the screan of my computer says is infected with a virus, i can not open the browser. (заявка №45872)

На рабочем столе надпись Warning! Spyware detected on your computer! Install an antivirus or spyware remover to clean your computer

синий экран с надписью Warning! Spyware detected on your computer! Install an antivirus or spyware to clean your computer AGAIN

синий экран с надписью Warning! Spyware detected on your computer! Install an antivirus or spyware to clean your computer.

Help me! my computer slow down. a turtle must be faster then my computer.

Ваши права в разделе